Skip navigation
Menu
End-User Platforms>Active Directory

JSI Tip 5794. You disabled an account in Active Directory but the user can still logon?

After you right-click a user in Active Directory Users and Computers and press Disable Account, you find that the user can still logon.

If you have multiple domain controllers, and the user is authenticated by a domain controller that you did NOT make the change on, this condition will exist.

When you disable an account, urgent replication is NOT triggered.

NOTE: This condition is also true when you disable the account using the command line:

net user <UserName> /active:no /domain

To workaround this condition, after you disable the account, use Reset Password.

NOTE: To disable the account using the command line:

net user <UserName> /active:no /domain
net user <UserName> <NewPassword> /domain



Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
computer password entry box overlaying a keyboard
How To Use PowerShell for Active Directory Password Help
Mar 18, 2024
Microsoft CEO Satya Nadella on stage at Microsoft Ignite 2023
Top 10 Stories About Microsoft in 2023
Dec 22, 2023
A keyboard key shows a cloud icon and says the word 'connect'
How to Access Azure AD in PowerShell
May 09, 2023
arrows on a blue background
How To Import the PowerShell Active Directory Module
May 02, 2023